Zabbix 5.0 LTS released!

Zabbix 5.0 LTS released! Viva Zabbix!

Zabbix is one of the our favourite open source monitoring system. It offers dozens of functions, models, templates dedicated to the most importants vendrors (visit Zabbix Share).

What’s New in Zabbix 5.0 LTS
Zabbix 5.0 LTS release comes with significant improvements in usability, security, and integrity.

Here is just a shortlist of the most important functionality included in Zabbix 5.0 LTS.

You choose: deploy on-premise or in the cloud
Zabbix is a Free and Open Source monitoring solution that can be deployed everywhere depending on your needs!

In addition to existing official packages and appliances, Zabbix 5.0 now also caters to the following platforms: SUSE Linux Enterprise Server 15, Debian 10, Ubuntu 20.04, Raspbian 10, Mac OS/X, RHEL 8, CentOS 8, MSI for Windows Agent.

See all available platforms in Downloads

Zabbix introduces a new set of out-of-the-box integrations with industry-standard cloud providers:

  • AWS
  • Azure
  • Google Cloud Platform
  • Digital Ocean
  • Docker
  • IBM/RedHat Cloud
  • Oracle Cloud

SAML authentication for single sign-on
SAML is used to provide a single point of authentication at a secure identity provider, meaning that user credentials never leave the firewall boundary, and then SAML is used to assert the identity to Zabbix and other applications. Support of SAML allows to have out-of-the-box integration of Zabbix with various on-premise and cloud identity providers like Microsoft ADFS, OpenAM, SecurAuth, Okta, Auth0 and many others.

Secure and reliable monitoring
Zabbix 5.0 introduces significant improvements for much more secure monitoring:

  • Support of HTTP Proxy for webhooks that allows to make connections from Zabbix Server to external alerting and ITSM systems more secure and controlled
  • Support of blacklists and whitelists for metrics on agent-side
  • Configurable ciphers for all Zabbix components to avoid using of non-secure ciphers for TLS connections
  • Support of encrypted connections to MySQL and PostgreSQL backends
  • Strong SHA256 for keeping hashes of user passwords

Keep your secrets secure
Zabbix 5.0 supports secret user macros for keeping any sensitive information like passwords and API tokens that you do not want to be exposed to end-users.

Scalability and performance
Zabbix 5.0 supports optional compression of collected data for TimescaleDB. In addition to general TimescaleDB advantages (automatic partitioning, performance and scalability) it also helps to even more improve performance and lower storage costs.

Zabbix UI is also improved to support monitoring and management of millions of monitored devices.

Next generation Zabbix Agent got official support
The new agent offers a wide range of new capabilities and advanced monitoring functions for Linux and Windows:

  • Written in Golang
  • Plugin framework for monitoring of various services and applications
  • Ability to maintain state between checks (for example, keeping persistent DB connections)
  • Support of trapping
  • Built-in scheduler to support flexible time intervals
  • Efficient network usage through bulk data transfer
  • Support of persistent storage of collected data
  • Drop-in replacement of existing agents on Linux and Windows

For a complete list of new features check out the documentation.

NB! Existing Zabbix agent will still be supported.

Next generation Zabbix Agent got official support
Monitoring that is easy to use and manage
Zabbix 5.0 got tons of usability and automation improvements that help:

  • Threading for email notifications generated by the same event
  • New preprocessing operation Replace, new operator for JSONPath
  • Ability to unacknowledge event
  • Support of message templates for media types for straight forward configuration of notifications
  • CLI tool to test JavaScript-based preprocessing and webhooks
  • Ability to test new and existing metrics from UI
  • Support of mass update of user macros
  • SNMP settings moved to host interface level for more simple templates and easier management
  • Host and metric availability monitoring using function nodata() respects availability of proxies
  • Monitoring that is easy to use and manage


Flexibility to monitor anything you want
Zabbix 5.0 extended functionality to make it more flexible:

  • Triggers support operations with text data
  • Support of host macros for host prototypes
  • Support of Float64 datatype
  • Support of override for low level discovery (LLD) helps to create much smarter templates
  • Flexibility to monitor anything you want


Automation and discovery
Automation is an essential part of Zabbix. Zabbix 5.0 brings it forward with support of:

  • Discovery of Windows performance counters
  • Discovery of JMX counters
  • Better ODBC monitoring with ability to configure all options for each metric individually


Advanced visualization
Presenting data in a human readable way is critical for operations. Zabbix 5.0 helps to make it even better by introducing:

  • New layout of Zabbix UI optimized for wide screens
  • A new view (Monitoring->Hosts) for displaying a list of monitored devices with advanced filtering options
  • Support of filtering by event tags for some dashboard widgets
  • Ability to copy dashboard graphs as pictures
  • Support of UI modules to extend functionality of Zabbix
  • Faster creation of dashboards thanks to ability to copy widgets
  • Improved consistency of map labels

Test item from UI
In previous Zabbix versions, it was difficult to tell if a newly-configured item was configured correctly or not. For that you needed to wait until the item tried to gather some data.

In the new version it is possible to test the item (template item, item prototype, low-level discovery rule) from the user interface even before saving and, if configured correctly, get a real value in return.

Item testing is not supported for active items and some simple checks (icmpping*vmware.* items).

To test the item, click on the Test button at the bottom of the item configuration form.

Built-in integrations with ITSM systems
Zabbix 5.0 introduces a new set of out-of-the-box integrations with industry-standard cloud-based and on-premise ITSM systems.

Official webhook Coding Guideline was introduced to set standard and simplify creation of webhook based integrations.

zabbix.com/documentation/guidelines/webhooks

More integrations with ITSM systems: Integrations

Built-in integrations with alerting systems
Zabbix 5.0 introduces a new set of out-of-the-box integrations with industry-standard alerting and notification systems.

More integrations with alerting systems: Integrations

New and updated templates and plugins
Most of the existing templates are updated and new templates and plugins are introduced for monitoring of different services, applications and devices.

Most of the templates now take advantage of the functionality for smart automatic discovery of various resources.

More templates and plugins: Integrations

Adjust Zabbix to your needs, contribute!
Make your template, plugin or a webhook included into the official Zabbix distribution by following these three steps:

Sign Zabbix Contributor Agreement (ZCA)
zabbix.com/developers
Make Zabbix Pull Request
https://git.zabbix.com
Zabbix Dev Team will review and accept if everything is fine
Congratulations! Your solution is officially supported and thousands of Zabbix users are thankful for your effort!

More newly developed and improved features of Zabbix 5.0 LTS

  • Increased size of acknowledge messages from 255 to 4096 characters
  • Added support of LIBSSH to support newer platforms like RHEL 8
  • Support of Elasticsearch 7.x (7.4, 7.6)
  • Latest data displays data if filter is not set
  • Increased zabbix_sender time resolution to nanoseconds
  • Monitoring->Latest data: show data if filter is empty
  • Base64 processing in JavaScript using new functions atob() and btoa()
  • Do not log system.run[] for local use
  • Increased size of item key from 255 to 2048 characters
  • Ability to flush SNMP cache, SNMPv3 context changes
  • Faster hash function for internal operations
  • Documented how to do filtering for vmware.event monitoring
  • Improved consistency of map labels
  • Filter by individual severities for Monitoring→Problems
  • Ability to use user macros for IPMI user name and password
  • Remote monitoring of versions of Zabbix components
  • Added filter for discovery rules
  • New API method to get auditlog

Removed legacy to build a better product faster

  • No support of Internet Explorer 11
  • Dropped support of IBM DB2
  • mbedTLS (former polarSSL) is no longer supported for encryption. Only OpenSSL and GnuTSL libraries


Minimum supported version for PHP is now 7.2: safer and more strict code
And more! For a complete list of new features check out the Release notes. Release Notes.

More Informations about what’s new is here: Link

How to Install JFrog Artifactory on Ubuntu 18.04 / 16.04

Original Article: How to Install JFrog Artifactory on Ubuntu 18.04 / 16.04

Today we will see how to Install JFrog Artifactory on Ubuntu 18.04/16.04. JFrog Artifactory is the world’s most advanced repository manager designed to integrate with the majority of continuous integration and delivery tools. With JFrog Artifactory, delivering an end to end automated solution with artifacts tracking from development to production becomes a reality.

Artifactory is mostly used by build tools such as Maven, Apache Ant, and Gradle to store respective artifacts in its local repository to be consumption by other applications and tools.

Install JFrog Artifactory on Ubuntu

The easiest way of installing and running Artifactory on Ubuntu 18.04/16,04 is by using Docker. The process is straightforward without dependency/permission hurdles. You just install Docker, download Artifactory image and spin a container.

Step 1: Install Docker Engine

Install Docker. For a quick start, here is the process.

Install packages to allow apt to use a repository over HTTPS:

sudo apt -y install apt-transport-https \
ca-certificates \
curl \
software-properties-common

Add Docker’s official GPG key:

curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -

Add stable repository:

sudo add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"

Install Docker CE:

sudo apt update && sudo apt -y install docker-ce

If you would like to use Docker as a non-root user, you should now consider adding your user to the “docker” group with something like:

sudo usermod -aG docker $USER

Run the command below to see a version of docker installed.

$ docker version
Client:
 Version:           18.09.5
 API version:       1.39
 Go version:        go1.10.8
 Git commit:        e8ff056
 Built:             Thu Apr 11 04:43:57 2019
 OS/Arch:           linux/amd64
 Experimental:      false

Server: Docker Engine - Community
 Engine:
  Version:          18.09.5
  API version:      1.39 (minimum version 1.12)
  Go version:       go1.10.8
  Git commit:       e8ff056
  Built:            Thu Apr 11 04:10:53 2019
  OS/Arch:          linux/amd64
  Experimental:     false

Step 2: Download JFrog Artifactory Docker image

There are different editions of JFrog Artifactory available, check the Comparison Matrix. If you’re not sure, install the OSS (Open Source Software) version. For more features, you can consider the Pro.

Pull the latest Docker image of JFrog Artifactory.

docker pull docker.bintray.io/jfrog/artifactory-oss:latest

For CE edition:

docker pull docker.bintray.io/jfrog/artifactory-cpp-ce

Confirm Docker images:

$ docker images
REPOSITORY                                   TAG                 IMAGE ID            CREATED             SIZE
docker.bintray.io/jfrog/artifactory-cpp-ce   latest              24d943a892ac        43 hours ago        582MB
docker.bintray.io/jfrog/artifactory-oss      latest              58d49856785f        43 hours ago        582MB

Step 3: Create Data Directory

Create data directory on host system to ensure data used on container is persistent.

sudo mkdir -p /jfrog/artifactory
sudo chown -R 1030 /jfrog/

Step 4: Start JFrog Artifactory container

To start an Artifactory container, use the command:

$ docker run --name artifactory -d -p 8081:8081 -p 8082:8082\
   -v /jfrog/artifactory:/var/opt/jfrog/artifactory \
   docker.bintray.io/jfrog/artifactory-oss:latest

You can pass Java system properties to the JVM running Artifactory using EXTRA_JAVA_OPTIONS. Check more on Docker setup link. See example below.

$ docker run --name artifactory -d -p 8081:8081 -p 8082:8082\
   -v /jfrog/artifactory:/var/opt/jfrog/artifactory \
   -e EXTRA_JAVA_OPTIONS='-Xms512m -Xmx2g -Xss256k -XX:+UseG1GC' \
   docker.bintray.io/jfrog/artifactory-pro:latest

Step 5: Running JFrog Artifactory container with Systemd

Systemd is the default init system for Ubuntu 18.04/16.04. We can use it to manage JFrog Artifactory container.

Create Artifactory service unit file.

sudo vim /etc/systemd/system/artifactory.service

Add:

[Unit]
Description=Setup Systemd script for Artifactory Container
After=network.target

[Service]
Restart=always
ExecStartPre=-/usr/bin/docker kill artifactory
ExecStartPre=-/usr/bin/docker rm artifactory
ExecStart=/usr/bin/docker run --name artifactory -p 8081:8081 -p 8082:8082 \
  -v /jfrog/artifactory:/var/opt/jfrog/artifactory \
  docker.bintray.io/jfrog/artifactory-oss:latest
ExecStop=-/usr/bin/docker kill artifactory
ExecStop=-/usr/bin/docker rm artifactory

[Install]
WantedBy=multi-user.target

Reload systemd.

sudo systemctl daemon-reload

Then start Artifactory container with systemd.

sudo systemctl start artifactory

Enable it to start at system boot.

sudo systemctl enable artifactory

Status can be checked with:

sudo systemctl status artifactory

Also check service binding with:

$ ss -tunelp | grep 8081
tcp LISTEN 0 128 *:8081 *:* users:(("docker-proxy",pid=2820,fd=4)) ino:117162 sk:b v6only:0 <->

Step 6: Access Artifactory Web Interface

Artifactory can be accessed using the following URL:

http://SERVERIP_OR_DOMAIN:8081

You should be redirecto to the new Artifactory welcome page.

http://SERVERIP_OR_DOMAIN:8082/ui/login/

By default Artifactory username and password are admin / password

POSTFIX Error “fatal: parameter inet_interfaces: no local interface found for ::1”

Issue

You are note able to restart / start postfix and getting the below error.
fatal: parameter inet_interfaces: no local interface found for ::1

Solution

Edit the file /etc/postfix/main.cf

vim /etc/postfix/main.cf

search for the line inet_interfaces = all

And change it to:

inet_interfaces = 127.0.0.1, 10.10.11.12 10.10.11.12 is your local IP address

:wq! Save and exit

restart postfix.

service postfix restart

Please Comment and share if this post was able to fix your issue

Original Article: fatal: parameter inet_interfaces: no local interface found for ::1

Meltdown and Spectre CPU flaws for Windows 2003 Windows, Meltdown and Spectre: Keep calm and carry on

Microsoft releases Windows patches

Yesterday evening, Microsoft released Windows patches — Security-only Updates, Cumulative Updates, and Delta Updates — for a wide array of Window versions, from Win7 onward. See the Update Catalog for details. (Thx, @Crysta). Note that the patches are listed with a “Last Updated” date of Jan. 4, not Jan. 3, the nominal release date. The Win7 and 8.1 patches are Security Only (the kind you have to install manually). I’ve been assured that the Win7 and 8.1 Monthly Rollups will come out next week on Patch Tuesday.

The Win10 patch for Fall Creators Update, version 1709, contains other security fixes besides those related to Meltdown. The other Win10 patches appear to be Meltdown-only. Those of you running the beta version of Win10 1803, in the Insider Program, have already received the patches.

BUT… you won’t get any patches installed unless and until your antivirus software sets a specific registry key. (It now appears as if the value of the key doesn’t matter; just the presence of the registry entry turns on Meltdown protection. Thx, @abbodi86, @MrBrian.) If you’re running third-party antivirus, it has to be updated before the Meltdown patch installer will run. It looks as if there are known problems with bluescreens for some antivirus products.

There are also cumulative updates for Internet Explorer 11 in various versions of Win7 and 8.1 listed in the Update Catalog. The fixes for Win10, and for Edge, are inside the respective Win10 cumulative updates. Microsoft has also released fixes for SQL Server 2016 and 2017.

Note that the Windows Server patches are not enabled by default. Those of you who want to turn on Meltdown protection have to change the registry. (Thx @GossiTheDog)

Question: Does Microsoft will release patches for olders operating systems like Windows Server 2003, Windows Server 2000?

Answer: Maybe No. Windows XP and Server 2003 don’t yet have patches. As you know these operating system are out of support. No word on whether Microsoft will release those sooner or later.

Operating system version Update KB
Windows Server, version 1709 (Server Core Installation) 4056892
Windows Server 2016 4056890
Windows Server 2012 R2 4056898
Windows Server 2012 Not available
Windows Server 2008 R2 4056897
Windows Server 2008 Not available

Kevin Beaumont, @GossiTheDog, is maintaining a list of antivirus products and their Meltdown-related problems. On Google Docs, of course.

Related Articles: Windows, Meltdown and Spectre | Meltdown and Spectre CPU flaws | Widenet Meltdown and Spectre CPU Blog

AWS – Processor Speculative Execution Research Disclosure News About Concerning: CVE-2017-5715, CVE-2017-5753, CVE-2017-5754

We Talked about Meltdown and Spectre on this article.

Here what AWS – Amazon says:

Update As Of: 2018/01/07 11:30 PST

This is an update for this issue.

Amazon EC2

All instances across the Amazon EC2 fleet are protected from all known threat vectors from the CVEs previously listed. Customers’ instances are protected against these threats from other instances. We have not observed meaningful performance impact for the overwhelming majority of EC2 workloads.

Recommended Customer Actions for AWS Batch, Amazon EC2, Amazon Elastic Beanstalk, Amazon Elastic Container Service, Amazon Elastic MapReduce, and Amazon Lightsail

While all customer instances are protected, we recommend that customers patch their instance operating systems. This will strengthen the protections that these operating systems provide to isolate software running within the same instance. For more details, refer to specific vendor guidance on patch availability and deployment.

Specific vendor guidance:

For operating systems not listed, customers should consult with their operating system or AMI vendor for updates and instructions.

Updates to other AWS services

Amazon Linux AMI (Bulletin ID: ALAS-2018-939)

An updated kernel for Amazon Linux is available within the Amazon Linux repositories. EC2 instances launched with the default Amazon Linux configuration on or after 10:45 PM (GMT) January 3rd, 2018 will automatically include the updated package. Customers with existing Amazon Linux AMI instances should run the following command to ensure they receive the updated package:

sudo yum update kernel

After the yum update is complete, a reboot is required for updates to take effect.

More information on this bulletin is available at the Amazon Linux AMI Security Center.

EC2 Windows

We have updated AWS Windows AMIs. These are now available for customers to use, and AWS Windows AMIs have the necessary patch installed and registry keys enabled.

Microsoft have provided Windows patches for Server 2008R2, 2012R2 and 2016. Patches are available through the built-in Windows Update Service for Server 2016. We are pending information from Microsoft on patch availability for Server 2003, 2008SP2 and 2012RTM.

AWS customers running Windows instances on EC2 that have “Automatic Updates” enabled should run automatic updates to download and install the necessary update for Windows when it is available.

Please note, Server 2008R2 and 2012R2 patches are currently unavailable through Windows Update requiring manual download, Microsoft advise these patches will be available Tuesday, January 9th.

AWS customers running Windows instances on EC2 that do not have “Automatic Updates” enabled should manually install the necessary update when it is available by following the instructions here: http://windows.microsoft.com/en-us/windows7/install-windows-updates.

Please note, for Windows Server, additional steps are required by Microsoft to enable their update’s protective features for this issue, described here: https://support.microsoft.com/en-us/help/4072698/windows-server-guidance-to-protect-against-the-speculative-execution.

ECS Optimized AMI

We have released Amazon ECS Optimized AMI version 2017.09.e which incorporates all Amazon Linux protections for this issue. We advise all Amazon ECS customers to upgrade to this latest version which is available in the AWS Marketplace. Customers that choose to update existing instances in-place should run the following command on each container instance:

sudo yum update kernel

The update requires a reboot of the container instance to complete

Linux customers who do not use the ECS Optimized AMI are advised to consult with the vendor of any alternative / third-party operating system, software, or AMI for updates and instructions as needed. Instructions about Amazon Linux are available in the Amazon Linux AMI Security Center.

An updated Microsoft Windows EC2 and ECS Optimized AMI will be released as Microsoft patches become available.

Elastic Beanstalk

We will be releasing new platform versions that include the kernel update to address this issue within 48 hours. For Linux environments, we recommend that you enable “Managed Platform Updates” to automatically update within your chosen maintenance window once these updates are available. We will post instructions for Windows environments once the update is available.

AWS Fargate

All infrastructure running Fargate tasks has been patched as described above and no customer action is required.

Amazon FreeRTOS

There are no updates required for or applicable to Amazon FreeRTOS and its supported ARM processors.

AWS Lambda

All instances running Lambda functions have been patched as described above and no customer action is required.

RDS

RDS-managed customer database instances are each dedicated to only running a database engine for a single customer, with no other customer-accessible processes and no ability for customers to run code on the underlying instance. As AWS has finished protecting all infrastructure underlying RDS, process-to-kernel or process-to-process concerns of this issue do not present a risk to customers. Most database engines RDS supports have reported no known intra-process concerns at this time. Additional database engine-specific details are below, and unless otherwise noted, there is no customer action required. We will update this bulletin as more information is available.

RDS for MariaDB, RDS for MySQL, Aurora MySQL, and RDS for Oracle database instances currently have no customer actions required.

For RDS PostgreSQL and Aurora PostgreSQL, DB Instances running in the default configuration currently have no customer actions required. We will provide the appropriate patches for users of plv8 extensions once they are made available. In the meantime, customers who have enabled plv8 extensions (disabled by default) should consider disabling them and review V8’s guidance at https://github.com/v8/v8/wiki/Untrusted-code-mitigations.

For RDS for SQL Server Database Instances, we will release OS and database engine patches as Microsoft makes each available, allowing customers to upgrade at a time of their choosing. We will update this bulletin when either has been completed. In the meantime, customers who have enabled CLR (disabled by default) should review Microsoft’s guidance on disabling the CLR extension at https://support.microsoft.com/en-us/help/4073225/guidance-for-sql-server.

VMware Cloud on AWS

Please refer to the VMware security advisory here for more details: https://www.vmware.com/security/advisories/VMSA-2018-0002.html.

WorkSpaces

AWS will apply security updates released by Microsoft to most AWS WorkSpaces over the coming weekend. Customers should expect their WorkSpaces to reboot during this period.

Bring Your Own License (BYOL) customers, and customers who have changed the default update setting in their WorkSpaces should manually apply the security updates provided by Microsoft.

Please follow the instructions provided by Microsoft security advisory at https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/ADV180002. The security advisory includes links to knowledge base articles for both Windows Server and Client operating systems that provide further specific information.

Updated WorkSpaces bundles will be available with the security updates soon. Customers who have created Custom Bundles should update their bundles to include the security updates themselves. Any new WorkSpaces launched from bundles that do not have the updates will receive patches soon after launch, unless customers have changed the default update setting in their WorkSpaces, in which case they should follow the above steps to manually apply the security updates provided by Microsoft.

WorkSpaces Application Manager (WAM)

We recommend that customers choose one of the following courses of action:

Option 1: Manually apply the Microsoft patches on running instances of WAM Packager and Validator by following the steps provided by Microsoft at https://support.microsoft.com/en-us/help/4072698/windows-server-guidance-to-protect-against-the-speculative-execution. This page provides further instructions and downloads for Windows Server.

Option 2: Rebuild new WAM Packager and Validator EC2 instances from updated AMIs for WAM Packager and Validator which will be available by end of day (2018/01/04).

=========================================================

2018/01/03 14:45 PST

AWS is aware of recently disclosed research regarding side-channel analysis of speculative execution on modern computer processors (CVE-2017-5715, CVE-2017-5753, and CVE-2017-5754). These are vulnerabilities that have existed for more than 20 years in modern processor architectures like Intel, AMD, and ARM across servers, desktops, and mobile devices.